<?php
require_once('../../libraryfiles/config.php');
// Front controller for the admin advertisement handlers: reads ?action= from
// the query string and runs the matching handler below. Any other value is
// sent back to the advertisement listing.
// NOTE(review): no login/authorisation check or CSRF token check is visible in
// this file for these state-changing actions; confirm that config.php (or the
// code that includes this script) enforces both.
$action = '';
if (isset($_GET['action'])) {
	$action = $_GET['action'];
}

if ($action === 'add') {
	addAdvertise();
} elseif ($action === 'edit') {
	editAdvertise();
} elseif ($action === 'publish') {
	publishSelect();
} elseif ($action === 'muliDelete') {
	muliDelete();
} else {
	header('Location:'.base_url_admin.'/advertise/index.php');
}
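/**
 * Handle the "add advertisement" form post.
 *
 * Validates the target link and the uploaded image, stores the image under
 * images/advertise/ with a generated name and inserts the advertisement row.
 * Every path ends the request with a redirect (or die() on a failed insert).
 *
 * Relies on setSession(), clearSession(), ampReplace(), genRandomString() and
 * an open mysql_* connection, all provided outside this function.
 */
function addAdvertise(){
	$PathFileUpload = FRONT_SITE_DIR.DS.'images'.DS.'advertise'.DS;
	if(!file_exists($PathFileUpload)){
		// The PHP process creates and owns this directory, so it does not need to
		// be world-writable; 0777 under the web root lets any local account drop files.
		mkdir($PathFileUpload, 0755, true);
	}
	if (isset($_POST["btnsave"])){
		// Snapshot of the submitted values, used to re-populate the form after a
		// validation error. Non-string input (e.g. field[]=x) is treated as empty.
		$postKeys = array(
			'title'    => 'txttitle',
			'link'     => 'txtaddlink',
			'postdate' => 'txtpost',
			'enddate'  => 'txtendpost',
			'desc'     => 'txtdescription',
			'position' => 'txtposition',
			'page'     => 'txtpage',
		);
		$formState = array();
		foreach($postKeys as $sessionKey => $postKey){
			$formState[$sessionKey] = (isset($_POST[$postKey]) && is_string($_POST[$postKey])) ? $_POST[$postKey] : '';
		}
		$formState['link'] = trim($formState['link']);

		// The pattern is anchored (\A ... \z) so the WHOLE value must be an
		// http(s)/ftp/www link. Unanchored, any string that merely contained a URL
		// passed validation and was stored as the advert's link target.
		if (!preg_match('/\A(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]\z/i', $formState['link'])) {
			setSession($formState);
			header('location:'.base_url_admin.'/advertise/index.php?view=add&error=invalid_url');
			exit();
		}

		$allowedExts  = array("gif", "jpeg", "jpg", "png", "bmp", "x-icon");
		$allowedTypes = array("image/gif", "image/jpeg", "image/jpg", "image/pjpeg", "image/png");
		$upload = isset($_FILES["txtimage"]) ? $_FILES["txtimage"] : null;
		$extension = (is_array($upload) && is_string($upload['name']))
			? strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION))
			: '';

		// Every condition must hold. Previously the size and extension checks were
		// bound by && to the image/png test only, so a gif/jpeg MIME type was accepted
		// with any extension and any size. The MIME type is sent by the client and is
		// not trustworthy; the extension allowlist decides how the web server will
		// treat the stored file, and getimagesize() confirms the content parses as an image.
		$uploadOk = is_array($upload)
			&& is_string($upload['name'])
			&& $upload['error'] === UPLOAD_ERR_OK
			&& in_array($upload['type'], $allowedTypes, true)
			&& $upload['size'] < 20000
			&& in_array($extension, $allowedExts, true)
			&& getimagesize($upload['tmp_name']) !== false;

		if(!$uploadOk){
			// Keep the submitted values so the form can be re-populated (the old code
			// passed a bare list of key names here instead of key => value pairs).
			setSession($formState);
			header('Location:'.base_url_admin.'/advertise/index.php?view=add&error=invalid_file');
			exit();
		}

		$username    = $_SESSION['username'];
		$adv_title   = ampReplace($formState['title']);
		$Linkimage   = ampReplace($formState['link']);
		$description = ampReplace($formState['desc']);
		$Datepost    = ampReplace($formState['postdate']);
		$Dateendpost = ampReplace($formState['enddate']);
		$page        = ampReplace($formState['page']);
		$position    = ampReplace($formState['position']);

		// The advert must end after it starts; unparsable dates also land here
		// because strtotime() returns false for both.
		if(strtotime($Datepost) >= strtotime($Dateendpost)){
			setSession(
				array(
					'title'=>$adv_title,
					'link' =>$Linkimage,
					'postdate'=>$Datepost,
					'enddate'=>$Dateendpost,
					'page'=>$page,
					'desc'=>$description,
					'position'=>$position));
			header('Location:'.base_url_admin.'/advertise/index.php?view=add&error=date_error');
			exit();
		}

		// Stored name = random stem + the allowlisted, lower-cased extension; nothing
		// else from the client-supplied file name reaches the file system.
		$filename = genRandomString(10) . '.' . $extension;
		if(!move_uploaded_file($upload['tmp_name'], $PathFileUpload.$filename)){
			// Do not insert a row that points at a file which was never stored.
			setSession($formState);
			header('Location:'.base_url_admin.'/advertise/index.php?view=add&error=invalid_file');
			exit();
		}
		clearSession(array('title','link','postdate','enddate','page','desc','position'));

		// ampReplace() is defined elsewhere and nothing visible here shows it escaping
		// for SQL, so every value is escaped explicitly before it is placed in the query.
		$columns = array(
			Tbladvertise::title,
			Tbladvertise::description,
			Tbladvertise::image,
			Tbladvertise::position,
			Tbladvertise::datepost,
			Tbladvertise::dateendpost,
			Tbladvertise::page,
			Tbladvertise::link,
			Tbladvertise::user,
			Tbladvertise::status,
		);
		$values = array($adv_title, $description, $filename, $position, $Datepost, $Dateendpost, $page, $Linkimage, $username);
		$quoted = array();
		foreach($values as $value){
			$quoted[] = "'".mysql_real_escape_string($value)."'";
		}
		// Status is the literal 1, as before.
		$strInsert = "INSERT INTO ".Tbladvertise::tbladvertise."(".implode(', ', $columns).")"
			." VALUES(".implode(', ', $quoted).", 1)";

		if(!mysql_query($strInsert)){
			// Log the driver error server-side instead of printing it to the browser.
			error_log('advertise insert failed: '.mysql_error());
			die('Error with query insert.');
		}
		header('Location:'.base_url_admin.'/advertise/index.php?msg=add_success');
		exit();
	}
	header('Location:'.base_url_admin.'/advertise/index.php');
	exit();
}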

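/**
 * Handle the "edit advertisement" form post for the row named by ?id=.
 *
 * Validates the link, optionally validates and stores a replacement image,
 * updates the row and, only after a successful update with a new image,
 * removes the previous image file. Every path ends with a redirect (or die()
 * on a failed update).
 *
 * Relies on ampReplace(), genRandomString() and an open mysql_* connection,
 * all provided outside this function.
 */
function editAdvertise(){
	$PathFileUpload = FRONT_SITE_DIR.DS.'images'.DS.'advertise'.DS;
	$indexUrl = base_url_admin.'/advertise/index.php';
	if (isset($_POST["btnupdate"])){
		$username = $_SESSION['username'];

		// The id is concatenated into SQL below, so it must be a positive integer.
		// Previously a missing id became '' and produced a malformed WHERE clause.
		$id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int)$_GET['id'] : 0;
		if($id <= 0){
			header('Location:'.$indexUrl);
			exit();
		}

		// Anchored (\A ... \z) so the WHOLE value must be an http(s)/ftp/www link,
		// not merely contain one somewhere.
		$url = (isset($_POST['txtaddlink']) && is_string($_POST['txtaddlink'])) ? trim($_POST['txtaddlink']) : '';
		if (!preg_match('/\A(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]\z/i', $url)) {
			header('location:'.$indexUrl.'?view=edit&error=invalid_url&id='.$id);
			exit();
		}

		// A replacement image is optional. When one is sent, ALL checks must pass.
		// The old condition OR-ed every test together, so a gif/jpeg/png MIME type
		// (client-supplied, not trustworthy) was enough to store a file with any
		// extension.
		$allowedExts  = array("gif", "jpeg", "jpg", "png");
		$allowedTypes = array("image/gif", "image/jpeg", "image/jpg", "image/pjpeg", "image/png");
		$upload = isset($_FILES["txtimage"]) ? $_FILES["txtimage"] : null;
		$filename = null;
		if(is_array($upload) && $upload['name'] !== ''){
			$extension = is_string($upload['name'])
				? strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION))
				: '';
			$uploadOk = is_string($upload['name'])
				&& $upload['error'] === UPLOAD_ERR_OK
				&& in_array($upload['type'], $allowedTypes, true)
				&& $upload['size'] < 20000
				&& in_array($extension, $allowedExts, true)
				&& getimagesize($upload['tmp_name']) !== false;
			if(!$uploadOk){
				header('Location:'.$indexUrl.'?error=invalid_file');
				exit();
			}
			// Random stem + allowlisted extension; the client's file name is not reused.
			$filename = genRandomString(10) . '.' . $extension;
		}

		$posted = array();
		foreach(array('txttitle', 'txtpost', 'txtendpost', 'txtpage', 'txtposition') as $postKey){
			$posted[$postKey] = (isset($_POST[$postKey]) && is_string($_POST[$postKey])) ? $_POST[$postKey] : '';
		}
		$adv_title   = ampReplace($posted['txttitle']);
		$Linkimage   = ampReplace($url);
		$Datepost    = ampReplace($posted['txtpost']);
		$Dateendpost = ampReplace($posted['txtendpost']);
		$page        = ampReplace($posted['txtpage']);
		$position    = ampReplace($posted['txtposition']);
		// NOTE(review): the original read txtdescription but never wrote it in the
		// UPDATE, so edits to the description are not saved. Left unchanged here;
		// confirm whether that is intended.

		if(strtotime($Datepost) >= strtotime($Dateendpost)){
			// Carry the id and an error code back so the edit view can reload the row.
			header('Location:'.$indexUrl.'?view=edit&error=date_error&id='.$id);
			exit();
		}

		$Oldimg = '';
		if($filename !== null){
			// Remember the current image so it can be removed once the row points at
			// the new one. basename() keeps the later unlink inside the upload folder.
			$img = mysql_query("SELECT ".Tbladvertise::image." FROM ".Tbladvertise::tbladvertise." WHERE ".Tbladvertise::id."=".$id);
			if($img && ($arr = mysql_fetch_array($img))){
				$Oldimg = basename((string)$arr[Tbladvertise::image]);
			}
			if(!move_uploaded_file($upload['tmp_name'], $PathFileUpload.$filename)){
				header('Location:'.$indexUrl.'?error=invalid_file');
				exit();
			}
		}

		// ampReplace() is defined elsewhere and nothing visible here shows it escaping
		// for SQL, so every value is escaped explicitly before it is placed in the query.
		$fields = array(
			Tbladvertise::title       => $adv_title,
			Tbladvertise::position    => $position,
			Tbladvertise::datepost    => $Datepost,
			Tbladvertise::dateendpost => $Dateendpost,
			Tbladvertise::link        => $Linkimage,
			Tbladvertise::page        => $page,
			Tbladvertise::user        => $username,
		);
		if($filename !== null){
			$fields[Tbladvertise::image] = $filename;
		}
		$assignments = array();
		foreach($fields as $column => $value){
			$assignments[] = $column."='".mysql_real_escape_string($value)."'";
		}
		$update = 'UPDATE '.Tbladvertise::tbladvertise.' SET '.implode(', ', $assignments)
			.' WHERE '.Tbladvertise::id.'='.$id;

		if(!mysql_query($update)){
			// Log the driver error server-side instead of printing it to the browser.
			error_log('advertise update failed: '.mysql_error());
			die('Error with query update.');
		}

		// Only remove the previous file when it was actually replaced. The old code
		// unlinked it on every edit, even when no new image had been uploaded.
		if($filename !== null && $Oldimg !== '' && is_file($PathFileUpload.$Oldimg)){
			unlink($PathFileUpload.$Oldimg);
		}
		header('Location:'.$indexUrl.'?msg=update_success');
		exit();
	}
	header('Location:'.$indexUrl);
	exit();
}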

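/**
 * Set adv_status (0 or 1, from ?publish=) on the advertisement rows whose ids
 * were posted in $_POST['id'] (an array, or a single / comma-separated value),
 * then redirect to the listing.
 */
function publishSelect(){

	if(isset($_POST['id'])){

		if(isset($_GET['publish']) && is_scalar($_GET['publish']) && (int)$_GET['publish']>=0 && (int)$_GET['publish']<=1){
			$state = (int)$_GET['publish'];
		}
		else{
			header('Location:'.base_url_admin.'/advertise/index.php');
			exit();
		}

		// The ids end up inside an SQL IN (...) list, so only positive integers are
		// kept. Previously the posted value was concatenated into the query as-is.
		$rawIds = is_array($_POST['id']) ? $_POST['id'] : explode(',', (string)$_POST['id']);
		$ids = array();
		foreach($rawIds as $rawId){
			if(is_scalar($rawId) && (int)$rawId > 0){
				$ids[] = (int)$rawId;
			}
		}

		if(!empty($ids)){
			$sql = "UPDATE tbl_advertisement SET adv_status = $state WHERE adv_id IN (".implode(',', $ids).")";
			if(!mysql_query($sql)){
				// Keep the failure visible to operators without exposing it to the browser.
				error_log('advertise publish update failed: '.mysql_error());
			}
		}
	}
	header('Location:'.base_url_admin.'/advertise/index.php');

}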
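/**
 * Delete the advertisement rows whose ids were posted in $_POST['id'] (an
 * array, or a single / comma-separated value) together with their image files
 * under images/advertise/, then redirect to the listing.
 */
function muliDelete()
{
	if(isset($_POST['id'])){
		// The ids end up inside an SQL IN (...) list, so only positive integers are
		// kept. Previously the posted value was concatenated into both queries as-is.
		$rawIds = is_array($_POST['id']) ? $_POST['id'] : explode(',', (string)$_POST['id']);
		$ids = array();
		foreach($rawIds as $rawId){
			if(is_scalar($rawId) && (int)$rawId > 0){
				$ids[] = (int)$rawId;
			}
		}

		if(!empty($ids)){
			$idList = implode(',', $ids);
			$add_img = FRONT_SITE_DIR.DS.'images'.DS.'advertise'.DS;

			// Collect the image names first; the rows are gone after the DELETE.
			$images = array();
			$img = mysql_query("SELECT adv_upload_image FROM tbl_advertisement WHERE adv_id IN ($idList)");
			if($img){
				while($arr = mysql_fetch_array($img)){
					// basename() keeps the unlink below inside the upload folder even if
					// the stored value contains path separators.
					$images[] = basename((string)$arr['adv_upload_image']);
				}
			}

			if(mysql_query("DELETE FROM tbl_advertisement WHERE adv_id IN ($idList)")){
				// Remove files only once the rows are deleted, so a failed DELETE does
				// not leave adverts pointing at missing images.
				foreach($images as $image){
					if($image !== '' && is_file($add_img.$image)){
						unlink($add_img.$image);
					}
				}
			}else{
				error_log('advertise delete failed: '.mysql_error());
			}
		}
	}
	header('Location:'.base_url_admin.'/advertise/index.php');

}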

?>